Why are any of those better than any of the ones on the list above? All have the power to arbitrarily freeze your coins, all will use your deposits to socialize losses from hacks, scams, or bankruptcy, and all host a bunch of other shitcoins. There are plenty of other shitcoins out there other than BSV which could collapse and take entire platforms with them (e.g. Luna collapsing just a few months ago and taking the likes of Celsius and Voyager down with it).

Sure, the ones Greg has listed are perhaps riskiest right now because of the BSV scam, but looking long term then every centralized exchange is just as risky as every other one.

All the more reason to stick to Bisq then, given that it is software which is run entirely peer to peer over Tor. You do not interact with a centralized website at all, meaning no Cloudflare and no tracing of your IP.

Yup, this. As I said above, the only way to be sure your data remains safe is to not share it in the first place. Anything you hand over (willingly or by accident) can and will be shared, sold, or hacked eventually.

It shouldn't, but it easily can, depending on your other online habits and activities. Data brokers absolutely have records of IP addresses which are linked to real life identities. This can be via frequently logging in to named accounts via that IP, frequently visiting your own social media pages, being linked to your physical devices and other data from them such as geolocation, simply via data your ISP has shared, and so on. Even you use a VPN, if you use a bad one then your VPN IP address will also be linked to your real identity. Although an exchange might not have access to this, they will definitely be able to sell the pairing of an IP address and a bitcoin address to interested third parties who will be able to de-anonymize you with this information.

Up to the individual, probably. You need to differentiate between whether you are checking for accuracy or checking for maliciousness. If your copy of bitaddress generates one address accurately, then you can be pretty sure if it is non-malicious then it will generate all addresses accurately. However, a malicious piece of software may generate one or two addresses accurately and then start generating fake addresses.

However, given that any malicious software could generate addresses from predetermined seed phrases or private keys which are known to an attacker, then testing them in this manner does not protect against attack. That can only be done by reviewing the source code.

I disagree. Physical cash is the most reliable solution of them all (provided you live in a country which is only being subjected to moderate inflation rather than hyperinflation and people actually still want to hold your national fiat currency at all. Or you can easily access USD or some other currency.) It does not matter that you can't move it across borders - that is irrelevant for trading bitcoin peer to peer with others in your local area. Cash provides the only truly anonymous way to interact with the fiat banking system, as well as removing the risk of charge backs or similar disputes being opened which are the biggest risk when trading peer to peer. You can meet your trading party at a bank or an ATM, and either withdraw the fiat there and then or immediately deposit it once it has been handed over to completely eliminate any risks of counterfeit bills.

ChipMixer have never made it a secret that you don't pay a set fee and only pay as much as you want for their service. They say as much on their ANN thread, and they also make it clear in the FAQs on their site. This is already well known throughout the community, and they clearly have a sufficient revenue stream given that they are the most popular and longest running bitcoin mixer in operation.

So no, I wouldn't worry about this thread.

You don't understand how timelock works. None of this is accurate.

To use a timelocked transaction for inheritance purposes, then I would create a transaction sending my coins to one of your addresses. I change the timelock field to a date (in Unix time) in 10 years, 20 years, 50 years, whatever. I sign the transaction, and I give it to you. You can do nothing with that transaction until after the date I set has past. If you try to broadcast it, it will be rejected by the network. After the date has passed, you can broadcast it and take your inheritance. There is zero trust involved. You can decode the transaction to see exactly what it is doing and when it can be spent, and there is no chance of anyone being able to take the coins before the date I set as the transaction remains invalid until that date. No one needs access to anyone else's private keys.

There is also no "shit hits the fan" scenario. At any time I like, I can change my mind and move/spend my coins in a regular transaction, which would invalidate the timelocked transaction you are holding.

The whole process is completely transparent, completely trustless, and completely free.

Absolutely. Which goes back to the original point of testing your back up with different software. What if you accidentally, either through user error or bugged software, created a wallet using some crazy derivation path with 200+ levels, did not test your recovery, and then loaded it with funds? You now have a useless seed phrase back up securing coins in a derivation path you would never find again, all while being completely unaware of that fact.

This is a slightly different issue. When I check my back ups, I only ever check the first addresses. That is enough for me to be sure that I am using the right seed phrase at the right derivation path with the right script type to reproduce the wallet again in the future. When I check each new Electrum address on the screen of my hardware wallet, I am checking that my computer or my Electrum install has not been infected with malware or subjected to some other malicious attack which results in it displaying an incorrect address.

This depends entirely on the method of transferring fiat you use and specifics of this method or your country's banking system. Bisq never handles anything to do with the fiat trade, so has no record of names, account numbers, or other details which could be used to identify you. So any information you do or do not share is done entirely via the fiat trading method you choose. As far as I am aware, if you make a wire transfer or bank transfer to another person then in most countries it will show at least a name and usually an account number to the other party. I think most online payment systems such as PayPal or Cash App also show at least a name or a phone number.

The only way to be sure that your details/information are not being shared with third parties (be that governments, blockchain analysis companies, etc.), is to not hand over any details in the first place. The most reliable way to do this is to trade peer-to-peer, as I said above. My preferred peer-to-peer platform is Bisq, but you can find others here: https://kycnot.me/

Any centralized exchange, even those which say you can trade without completing KYC or otherwise handing over personal information, should be avoided. They can still gather and share information on you such as your IP address and wallet addresses, and they can simply lock your account and your coins and demand that you complete KYC.

If you want to buy via credit card, then you will have to obfuscate your bitcoin after you have bought them if you want to de-link them from your identity. I would suggest either using ChipMixer to mix your coins, or JoinMarket to coinjoin them. The outcome of both techniques is essentially that you receive different bitcoin that are not traceable to your original bitcoin.

Yes, that's a BIP38 encrypted private key then. Your only option will be to attempt to brute force the password.

Personally, I would try using btcrecover to do this: https://btcrecover.readthedocs.io/en/latest/
You would need to either set up a passwordlist file, which is simply a list of possible passwords you might have used, or a tokenlist file, which tells btcrecover how to generate potential passwords from a set of rules you define (such as 5 lowercase characters followed by 1 number, or something along those lines).

GPUs don't offer much benefit for BIP38 unless you have lots of them. More likely you will be limited to a few dozen guesses a seconds by your CPU.

It used to be legit prior to it being sold in 2018, so your wallet from 5-6 years ago is probably OK if the funds have not been moved. Since it was sold in 2018 it has turned in to a scam site.

It depends on the service you used to buy the bitcoin. They will absolutely know your identity (since they will receive it alongside your credit card payment) and will obviously know which bitcoin and addresses belong to you after they send you whatever you have bought. From there, it would be possible for them to track where your bitcoin then moves. The question then becomes whether or not they choose to do that or whether or not they share the information regarding your identity and bitcoin addresses with any third parties, such as blockchain analysis companies or your government.

The person you are paying with bitcoin would be highly unlikely to be able to figure out your identity based only on the above transaction, though.

There are two things you can do here to protect your privacy further and break the chain between your identity and your final payment. The first would be to buy bitcoin completely anonymously. This would usually mean over a peer-to-peer network such as Bisq or LocalCryptos, and paying with a non-traceable method such as cash or gift cards. From there, there is no link between your real identity and your bitcoin. The other option is to break the link between the transaction where you buy bitcoin with your credit card and any future transactions. This would be achieved by passing your bitcoin through a mixer or a coinjoin, meaning the bitcoin you end up with are in no way linked to the bitcoin you started with (which are linked to your identity via your credit card transaction). In this second case the company you bought bitcoin from would still know you bought bitcoin, but they would no longer be able to see where that bitcoin went or who you sent it to.

This is a separate issue to the fact that Trust wallet is a bad wallet choice, but this is also a bad back up method. Scrambling a 12 word seed phrase does not add any additional security, and a good attacker would be able to crack any scrambling that you do in a matter of minutes. What is more likely is that you forget the true order of the words and inadvertently lock yourself out of your back ups.

Biometrics are not safe and are easy to spoof/hack. If you want a secure locking mechanism for some software or app, then you must use a PIN or password.

What about other passwords you were using at the time? Can you remember any of them and have you tried them?
Do you have any idea what the password might be, based on the way you generate passwords? If it is completely random characters then your chances of brute forcing it are very small. Or is it more likely that you chose a dictionary word or some other word which has meaning for you?
You say you think it will be short and not have any special characters - that's a start. What about numbers? What about uppercase/lowercase?

If you can't remember the decryption password, then you only option will be to attempt to brute force it, but as pooya87 says above, unless you can be more specific about what format the password might take then you are likely wasting your time.

All more reason to use a passphrase over the system being proposed here. In the event of being subjected to a $5 wrench attack, then you can reveal your seed phrase to the attacker, and they can steal the small amount of coins that you have stored in the base wallet. However, the majority of your coins which you have stored in additional secret wallets which are hidden behind one or more passphrases remain not only secure, but completely hidden; the attacker has no idea they even exist.

If you are paying in a fiat-denominated value, then chances are both your outputs will be non-round numbers. If you are paying in a bitcoin-denominated value, then chances are the payment output will be round and the change output will be non-round. I'm not saying that every payment output is a round figure, only that round figures are more likely to be payments.

It is very likely that blockchain analysis companies are already doing this. You can also do it yourself using blockchair, which appends the value in a fiat of your choosing at the time of the transaction to each input and output.

Of course, but the point we are making is that some people don't do that. And even if you do only use reputable, open source wallets, have you scanned every single line of code to make sure it is doing what you think it is doing? Doubtful. And even if you do, you cannot be 100% sure that you have not made a mistake when writing down your seed phrase or similar unless you test your back ups. There is literally no reason to not test your back ups before you fund the wallet.

I would wager that the majority of people don't even know what a derivation path is.

Again, I won't, but lots of people do.

Checking the first address matches is sufficient. The chance of a different seed phrase or incorrect back up generating the same first address is essentially zero.

This is a good point actually. There is nothing stopping an attacker with access to your encrypted file using a man-in-the-middle type attack to feed spoof data to the program to make it think it has connected to whatever site it is pointed at and the date is actually 100 years in the future.

There is also nothing stopping the program from storing whatever keys you enter while offline and later transmitting them to a third party when internet access is re-established.

Be careful with this. The number of people who have come up with some self created cipher or obfuscation method who have then forgotten what they did and locked themselves out of their coins far outnumbers the number of people who have been saved from theft by such a method. If you want extra security over a single seed phrase, then better to use a standardized method such as a passphrase or multi-sig.

More importantly than that, a master private key cannot be used to generate passphrased wallets. Additionally, a lot of wallet software incorrectly refers to account extended keys as master keys, and so someone could back up what they think is their master private key at m, but actually back up their account extended private key at m/84'/0'/0' without realizing it.

Then they would be wrong. The terms seed phrase and master key refer to two different things. They are not interchangeable.

The words are not chosen randomly. Rather, they are encoded very precisely from a random source of entropy. Also, the word "jug" is not on the BIP39 wordlist.

It is not challenging, but rather impossible to brute force a seed phrase from scratch. Every time someone's seed phrase is hacked, it is because of user error or malware which leaks their seed phrase to an attacker.

Sure, but that's another layer of added complexity, which means another layer for you to either forget and lose access to your coins, or another layer for you to mess up and lose access to your coins. Additionally, you will want to back up the exact translation and edition to go with your book cypher, and a list of number pairs with "King James Version (1769)" written at the top makes it completely obvious that your number list is a book cipher and therefore trivial to decipher.